A strong factor in the early development of computers was security - the computations that motivated their development, such as decrypting intercepted messages, generating gunnery tables, and developing weapons, had military applications. But the computers themselves were so big and so few that they were relatively easy to protect simply by limiting physical access to them to their programmers and operators. Today, computers have shrunk so that a web server can be hidden in a matchbox and have become so common that few people can give an accurate count of the number they have in their homes and automobiles, much less the number they use in the course of a day. Computers constantly communicate with one another; an isolated computer is crippled. The meaning and implications of "computer security" have changed over the years as well. This paper reviews major concepts and principles of computer security as it stands today. It strives not to delve deeply into specific technical areas such as operating system security, access control, network security, intrusion detection, and so on, but to paint the topic with a broad brush.

1 What is computer security?

Secure has its etymological roots in se - without, or apart from, and cura - to care for, or be concerned about [1]. So, in the broadest sense, we might say a computer is secure if it is free from worry and if it is safe from threats, and computer security is the discipline that helps free us from worrying about our computers. Of course one might be foolishly secure, simply out of ignorance (this is another of the dictionary definitions for the word).
In fact, people have worried about the security of their computers for many years, and computer security concerns are a significant factor today in the development and application of computer technology throughout society.

Today, securing a computer for an e-commerce application may mean first assuring that the system will be available for use and will deliver uncorrupted information. Assuring the confidentiality of the information delivered may not be important at all if the system is simply acting as an online catalog of merchandise, though of course if it is used to accept credit card numbers, they will require protection. This emphasis reverses the traditional focus of some military and intelligence organizations on preserving confidentiality.

In military systems, the first generation of computer security measures aimed to prevent security violations, and researchers developed technologies that could be counted on to prevent computers from leaking sensitive data. The market adopted few of these technologies, however, and a second generation of security technologies, characterized by firewalls and intrusion detection systems, aimed to at least detect and limit security violations that could not be prevented. Efforts are now underway to develop a third generation of security technologies and architectures that will have the ability to tolerate attacks and continue to provide critical functions, albeit in a degraded mode, while ...